DistroWatch Weekly

A weekly opinion column and a summary of events from the distribution world

DistroWatch Weekly

DistroWatch Weekly, Issue 73, 1 November 2004

Welcome to this year's 43rd edition of DistroWatch Weekly. We have the pleasure to report that last month was our best ever in terms of visitor interest, as we served over 4.5 million pages and transferred nearly 240GB of data during the months of October - up some 250% from a year ago! But don't stop visiting - the upcoming releases of Fedora Core 3 and FreeBSD 5.3, as well as those of many other distributions, should provide enough interest for everybody. Thank you all and happy reading!

Last week's comprehensive review of SimplyMEPIS by DesktopLinux.com, which declared SimplyMEPIS the best desktop Linux distribution ever created, attracted much interest in the Linux community. The story was promptly published on OSNews, Slashdot and several other popular Linux news sites, which quickly transposed to an unusually high number of page hits on this site's SimplyMEPIS page. It also resulted, no doubt, in a high number of new SimplyMEPIS downloads, as many users wanted to try out this "wonder" distribution for themselves. A live CD, with a supported, graphical installation procedure, pre-configured with all popular multimedia plugins and Java, this distribution does indeed take the pain out of configuring a fully functional and enjoyable desktop. Add to it several custom graphical configuration utilities for further tweaking and it is not difficult to see why this relatively new project has garnered so many followers.

Have you tried the latest release of SimplyMEPIS? If so, what are your experiences? Is it really the perfect desktop distribution or is there something that could have been done better? Please discuss below.

* * * * *

The Official Edition of Mandrakelinux 10.1 was finally released last week: "Mandrakesoft announced today the release of Mandrakelinux 10.1 Official, the latest version of its leading Linux operating system. Notable new features include extended support for mobile devices, better hardware compatibility, and major application upgrades. Following a successful "Community" release, 10.1 Official will be the basis for a large part of Mandrakesoft's range of products. The value-added packs (Discovery, PowerPack and PowerPack+) are available now for pre-orders and through the Mandrakeclub on-line service. Prices start at €44.90/US$49.90." Read the full press release and visit the Mandrakesoft's product pages for all the details. To obtain Mandrakelinux 10.1, you can either join Mandrakeclub and download it for free, or buy it from Mandrakestore.

The Official Edition of Mandrakelinux 10.1 was finally released last week.(full image size 181kB)

* * * * *

According to this message published on its mailing list, SourceForge has decided to upgrade its servers from Debian "Potato" to Fedora Core 2: "The SourceForge.net team is pleased to announce the long-awaited upgrade to our project web service. SourceForge.net staff are currently in the process of completing hardware procurement and system build-out. The official date for this upgrade has not yet been set; once our hardware build-out has been completed, the date will be announced on the SourceForge.net Site Status page. Old configuration: Debian Potato, Linux kernel 2.4.x. New configuration: Fedora Core 2, Linux kernel 2.6.x." Although the email does not specify the reasons for moving from Debian to Fedora, the upgrade of what is the largest repository of open source development projects in the world should give users a boost of confidence in the Fedora project. As we all know, there are circles of sceptics, who consider Fedora Core an experimental (i.e. not well-tested and potentially unstable) edition of Red Hat's flagship product - Red Hat Enterprise Linux, not suitable to power mission critical servers. If the SourceForge migration is successful, it will prove them wrong once and for all.

* * * * *

An evaluation edition of Lycoris Desktop/LX 1.4 was released for free download late last week. This edition only contains GPL software and the license prevents its use after the initial 45-day evaluation period. A retail edition of the product was released on September 13 and can be bought directly from the Lycoris Store (starting at US$45). You can find out more about Lycoris Desktop/LX 1.4 by reading the press release and by visiting the sneak peek pages created during the beta testing period, but the company's product pages have not been updated. If you are thinking about ordering the product, be aware that the Lycoris community forums contain a significant number of complaints by users who ordered it several months ago, but have yet to receive the product, or any response to their enquiries. Nevertheless, the product is well worth the download, especially if you are new to Linux and need a gentle introduction to this operating system.

Finally, it appears that the popular Gnoppix project is about to merge with Ubuntu Linux, or more precisely, with Ubuntu's live CD edition: "There have been some big developments in regards to Gnoppix that I'm excited to report. Recently, I've been contacted by developers working on the new Debian derivative 'Ubuntu' about collaboration between Ubuntu and Gnoppix. ... As a result, and barring any major objects, my current plan is to merge the two projects; in future, Gnoppix and the Ubuntu Live CD will be the same project. Gnoppix will benefit from Ubuntu's work on a highly integrated Debian-based GNOME desktop and Ubuntu will benefit from a solid live CD base." Read the rest of the announcement here.

Featured project of the week: OpenBSD

OpenBSD

There is little doubt that OpenBSD is one of the most remarkable development efforts in the history of UNIX. Initiated by Theo de Raadt back in 1995, after splitting from NetBSD, OpenBSD aims to be a highly secure operating system designed for mission critical operations. Although there seems to be a school of thought claiming that its best use is on firewalls and routers (rather than, say, web servers where it would be outperformed by FreeBSD), the truth is that OpenBSD is a full-featured operating system that can be deployed in any server environment and even on desktops or workstations.

What makes OpenBSD so highly secure? Several interesting ideas, some of which have since been incorporated into other operating systems. Among them, file flags, securelevels and systrace deserve a special mention.

File flags are a concept enhancing the traditional UNIX file system permissions. Once applied to a file, the flag will either prevent a user, including root, from removing or modifying the file in any way, or will only allow appending new lines to the file. A good example of the effectiveness of this concept is making the entire /bin directory recursively immutable, preventing a potential attacker from placing a Trojan into the directory. On the other hand, the append-only flag is often used on log files - this makes it impossible for intruders to cover their tracks. Both system-level and user-level flags are available.

The concept of file flags works in conjunction with OpenBSD's securelevels, of which there are four: -1, 0, 1 and 2. As soon as a file flag is set, it cannot be removed unless the system is in securelevel 0 or -1. To extend the example from the previous paragraph about making the /bin directory immutable, what happens if an executable file in the same directory needs to get a security patch, but the system is in securelevel 1 or 2? In this case, the system administrator will have to lower the securelevel in the BSD kernel by rebooting the system (while the system is running, the securelevel can be raised, but not lowered). As this example illustrates, the introduction of securelevels can prevent some common security exploits, but as a trade-off, it makes the system less flexible, especially when it comes to patching or upgrading applications.

OpenBSD's systrace, a policy-based system call access manager, is conceptually similar to SELinux. Like SELinux policies, the systrace policies define which users and programs can access which files and devices in a manner completely independent of UNIX permissions. Proper use of systrace can greatly reduce risks associated with poorly written or exploitable applications. While defining systrace policies is not a simple task, it has been made more palatable by the fact that systrace has been around for a long time and there are many online repositories with systrace sample policies. Also, systrace includes a policy-generation tool listing every system call available to the application for which the policy is being generated. Although an experienced system administrator could probably still tighten the security of the system by refining the default policy generated by the tool, the defaults are often secure enough for most uses.

Of course, the above tools will mean little in the hands of an incompetent system administrator, but through its intelligent design, OpenBSD has a proven ability to pass valuable skills onto anybody willing to think and learn. And that's perhaps the project's greatest contribution towards better and safer computing on the Internet.

Find out more about OpenBSD on its web site, then get the recently released OpenBSD 3.6 CD-set from the project's online store.

Released Last Week

Debian GNU/Linux 3.0r3

A new revision of the stable branch of Debian GNU/Linux ("woody") is now available: "This is the third update of Debian GNU/Linux 3.0 (codename 'woody') which mainly adds security updates to the stable release, along with a few corrections to serious problems. Those who frequently update from security.debian.org won't have to update many packages and most updates from security.debian.org are included in this update. Please note that this update does not produce a new version of Debian GNU/Linux 3.0 but only adds a few updated packages to it. There is no need to throw away 3.0 CDs but only to update against ftp.debian.org after an installation, in order to incorporate those late changes." The announcement, changelog, detailed list of updates. Existing Debian "woody" installations can be updated with "apt-get update" from the main server or one of the many mirrors.

SimplyMEPIS 2004.04

SimlyMEPIS 2004 has been updated to version 2004.04: "MEPIS LLC has released SimplyMEPIS 2004.04. This latest CD adds international support for Swedish to the previous support for British, French, German, Italian, and Spanish. Other CD improvements include an updated GRUB bootloader for better hardware compatibility and a more permissive 'failsafe' boot configuration. The JVM has been updated to work better with the Mozilla browser engine; kphone has been preinstalled for the convenience of VOIP phone service users; and configuration problems were resolved to enable remote printing in CUPS and LPD." Read the rest of the release announcement and changelog.

Feather Linux 0.6.1

Feather Linux 0.6.1 has been released. From the changelog: "Fixed pon and poff; updated aMSN script to 0.93; changed user in emelfm fpkg link to root; added 1400x1050 to list of available resolutions for certain laptops; changed user in mount.app mount command; tweaked knoppix-autoconfig and feather-loadram.sh; added openvpn - a tool to access VPNs; added tmsnc - a very usable text-based MSN client; made some space-saving changes to rm-dpkg; easy 'remaster' script can now save to hard drive instead of using RAM."

Co-CreateLinux 2005

A new version of Co-CreateLinux (formerly known as OpenDesktop) is now available for download. Co-CreateLinux is a Chinese desktop Linux distribution based on Fedora Core and strongly resembling Windows XP. Version 2005 features an updated Control Centre with improvements to login, printing, networking, user and display configuration. Resource management, especially the desktop and network neighbourhood, have also undergone numerous changes. The Firefox browser was hacked to resemble and behave like Internet Explorer, with support for Flash animation, Chinese language CSS attributes and MIME types. More details, as well as download links and a screenshot, are listed in the release notes (in simplified Chinese).

ZoneCD 0.5

ZoneCD version 0.5 has been released. ZoneCD, created by PUBLICip, is a Morphix-based bootable CD with a collection of GNU/Linux software pre-configured to create a WiFi gateway. From the ZoneCD 0.5 release notes: "Recompiled the kernel (2.4.20) to support bandwidth shaping, PPTP, and IPsec. A new section for bandwidth management in Zone control that will be visible when you select ZoneCD version 0.5-1. Pump is no longer used to get an IP for eth0, dhclient is now used to obtain an IP for eth0. Replaced rdate with ntpdate. Added better validation/errors to boot dialog."

Damn Small Linux 0.8.3

A new version of the Damn Small Linux mini live CD is now available. What's new? "New for 0.8.3: new control panel GUI; new Xvesa video setup GUI; new smbclient GUI; improved mydsl GUI now groups applications according to category; new autorestore of backup files, with boot time 'norestore' override; updated prism2 to support autodetected USB ethernet card; updated mc colors when issued from CLI; added mkdosswapfile script; fixed restart window manager - bbpager." See the release notes for a full list of changes.

Ubuntu Warty Live CD

Although available for several days, the final release of Ubuntu Linux Live CD has now been officially announced: "Ubuntu 4.10 -- Warty Warthog -- released on October 20th has gotten great feedback so far. The Ubuntu Team is now pleased to announce that the companion Warty Live CD is released as well! The Live CD contains a snapshot of everything in the Ubuntu 4.10 but in a bootable trial form. It will allow you to try out Ubuntu before installing it, without repartitioning or overwriting any existing software or data. To use it, just place it in the drive and reboot your computer. It also contains a small collection of Free and Open Source software shipped in Ubuntu that you can install on your Windows system. The Live CD is only available for Intel and compatible 'i386' processors."

Source Mage GNU/Linux 0.9.3

New ISO images of Source Mage GNU/Linux for x86 and PPC architectures have been released: "A new ISO has been released and for the first time, it's available on x86 and PPC at the same time. It has been built entirely with scripts using the stable sorcery and stable grimoire. Boot loader (lilo/grub/yaboot) configuration has been rewritten from scratch and has been tested with or without a separate /boot partition. Both ISOs use the 2.6.8.1 kernel. The PPC ISO takes care about loading the temperature driver to avoid overheating (and thus damages)." Read the announcement and this readme for further information.

Last week marked the official release date of Turbolinux 10 Server in Japan, as announced earlier this month: "Turbolinux will release three packages of 10 Server for the Japanese market only starting on October 29, 2004: Turbolinux 10 Server for US$360.00 includes 90-day unlimited installation e-mail support; Turbolinux 10 Server, with support, for US$890.00 includes one-year unlimited installation and configuration support; and Turbolinux 10 Server, Developer Edition, for US$89.00 includes 90-day unlimited e-mail support, though new user creation and user password modification are not available with this option. Customers worldwide will be able to purchase Turbolinux 10 Server, International Version, for USD$299.00 beginning on December 3, 2004." Read the press release and visit the product pages (both links in Japanese) for further information. Customers in Japan can order the product from the company's online store.

Slo-Tech Linux 2.1

A new version of Slo-Tech Linux, an easy-to-use Slovenian live CD based on Morphix, has been released. Version 2.1 comes in two variants - with either kernel 2.4or 2.6. It also includes KDE 3.3.0, Firefox 0.10.1, Evolution 2.0.2, Gaim 1.0.2, Xchat 2.4.0, and other popular applications. Due to bandwidth limitations, the two ISO images are only provided as BitTorrent seeds. See the complete release announcement (in Slovenian) and a screenshot of the distribution's desktop.

OpenBSD 3.6

OpenBSD 3.6 has been released: "We are pleased to announce the official release of OpenBSD 3.6. This is our 16th release on CD-ROM (and 17th via FTP). We remain proud of OpenBSD's record of eight years with only a single remote hole in the default install. As in our previous releases, 3.6 provides significant improvements, including new features, in nearly all areas of the system. New platform: OpenBSD/luna88k; expanding the mvme88k porting effort by supporting Omron's line of 88100-based workstations. SMP support on OpenBSD/i386 and OpenBSD/amd64 platforms. New functionality: a cleaned up DHCP server and client implementation, now featuring privilege separation and safe defaults...." The announcement, release notes. Download the installation ISO from one of the OpenBSD mirrors or order the full CD set from the project's online store (US$45).

gnuLinEx 2004 Live

A "live CD" edition of gnuLinEx 2004 is now available. All bugs reported by beta testers have been fixed and several new applications have been included - that's according to the release announcement (in Spanish). The live CD includes a video (in AVI format) of a recent news coverage of gnuLinEx by the EuroNews TV station, showing people in schools and public terminals using gnuLinEx. Last year, the regional government of Extremadura in Spain replaced all Windows workstations in the provice's schools, government administration offices and public terminals with gnuLinEx - a Debian-based distribution with the GNOME desktop environment.

The LinEspa distribution, a Spanish live CD with XFce, has been updated to version 0.21: "Version 0.21 of LinEspa has been released. The ISO image has been zipped so that its download size is only about one third of the complete ISO image. We have fixed some problems with the installation script, updated icons on the panel, and included several new packages that many of the users requested in our forums and the IRC channel; these include Wine 20040716, Wireless-tools, APMD and ACPI." Here is the full release announcement (in Spanish).

Skolelinux 1.0r1

The first revision of Skolelinux, a Norwegian Debian-based distribution developed specifically for use in Norwegian schools, is now available. Major changes since version 1.0: "In first stage installer: more translations; re-inserted new manual partition option; upgraded from kernel version 2.4.26 to 2.4.27 in the installation system; auto-partitioning is now using the whole disk, and scales LVM volumes with the disk size. Fixed bug breaking installation for all locales not using ISO-8859-1. Updated nagios configuration. Added support for enabling Polish and Turkish language settings. Added Finnish KDE translations on the CD, but not yet installed by default. Security updates to: apache, courier, cupsys...." Read the full announcement (with a changelog) for further details.

The Slackware Store is now taking pre-orders for Slackware Linux 10.1. There is no information about the possible release date and the distribution has yet to enter a new beta testing cycle, so the final release might still be a few months off. The 4-CD set costs US$39.95 and can be ordered here. (Many thanks to Danny for submitting the news).

FreeBSD 5.3-RELEASE

The final release of FreeBSD 5.3 has been postponed once again. The reason? Two serious showstoppers: "The first issue deals with TCP SACK problems that result in a livelocked system. The second involves GDB leaving threaded processes in an unkillable state. Fixes for both are under review and will be committed to RELENG_5 in a few days when preliminary testing is complete." The final release is now scheduled for Friday, November 5.

Your votes have been counted, which means that the recipient of our October donation is the Arch Linux project. Those who follow this site know that these donations are a part of the DistroWatch donations programme, where 10% of this site's income from advertising and sale of merchandise are donated to various open source projects. The programme is a joint operation between DistroWatch.com and LinuxCD.org, an online store selling low-cost CDs of many BSDs and Linux distributions at highly competitive prices. If you don't have a fast Internet connection, visit LinuxCD.org to get the latest distribution releases by mail.

Arch Linux has been around since early 2002, but it has only risen to stardom earlier this year. It has a reputation for being a neatly designed operating system, with highly up-to-date packages, yet very stable and easy to maintain. Although its main work concentrates on maintaining a repository of binary packages for users to download and install with its "pacman" utility, it also provides a very simple way to compile packages from source code. The project's founder and lead developper is Judd Vinet whom we happened to interview just over a year ago. With the release of Arch Linux 0.7 just around the corner, we hope that the donation will help with offsetting some of the costs associated with hosting and maintaining an increasingly popular project.

Here is the PayPal receipt for our donation:

This email confirms that you have paid jvinet [at] zeroflux.org $300.00 USD using PayPal.

GNIX Vivo. GNIX is a Morphix-based bootable live CD with support for the Galician (Gallego) language, as well as Spanish (Castellano). It is developed by the Asociación de Usuarios GNIX, Galicia, Spain.

iBox. iBox is a highly customised and flexible live CD based on Gentoo Linux. Thanks to glc (the Chinese branch of gentoo portage), iBox provides an all-round Chinese (simplified) desktop environment using GNOME with almost all pre-configured popular software. The main feature of iBox is the auto-detection and auto-configuration of hardware, especially with the mkxorgconf script to help create the configuration file for Xorg. Last but not least, iBox can rebuild itself through ibox-builder from a Gentoo box.

ROSLIMS Live CD. ROSLIMS (ROmanian Simple LInux for Medical Students) is Knoppix-based live CD with full Romanian localisation of Knoppix 3.4, and additional software for medical students: (Medical) Reference Manager (Pybliographer) and Medline Query Interface, molecule editors - XDrawChem and ChemTool, true type fonts with Eastern European language support, and a 72-page tutorial in Romanian. The graphical user interface is in Romanian and English.

New on the waiting list

GoblinX. GoblinX is a bootable live CD distribution based on Slackware Linux. The primary goal for GoblinX is to create a more pleasant and functional desktop, standardising all icons and themes to make it easy for novice users to learn about available applications.

Knopperdisk. Knopperdisk is a Gentoo-based rescue system (available on a floppy disk or USB pen drive) containing various utilities, such as network-related tools.

Xarnoppix. Xarnoppix is a Knoppix-based live CD with support for Catalan and Spanish.

How many presentations have you attended with slide upon slide ladened with text, confusing charts and cheesy clip art? This FREE 41-page guide explains the science behind creating slide presentations that excite and engage your audience.